110swag / flashy-backend

Download as
Browse Code ยป

Commit 1b23b2c217fc51d1bbe5484f8a910c7d8c93f899

Authored by Andrew Buss
1 parent de674a3afe
Exists in master

HTTPS links in emails

Showing 1 changed file with 2 additions and 2 deletions Inline Diff

flashcards/views.py View file @ 1b23b2c
from flashcards.api import StandardResultsSetPagination 1 1 from flashcards.api import StandardResultsSetPagination
from flashcards.models import Section, User 2 2 from flashcards.models import Section, User
from flashcards.serializers import SectionSerializer, UserUpdateSerializer, RegistrationSerializer, UserSerializer, \ 3 3 from flashcards.serializers import SectionSerializer, UserUpdateSerializer, RegistrationSerializer, UserSerializer, \
PasswordResetSerializer, PasswordResetRequestSerializer, EmailPasswordSerializer 4 4 PasswordResetSerializer, PasswordResetRequestSerializer, EmailPasswordSerializer
from rest_framework.viewsets import ReadOnlyModelViewSet 5 5 from rest_framework.viewsets import ReadOnlyModelViewSet
from django.core.mail import send_mail 6 6 from django.core.mail import send_mail
from django.contrib.auth import authenticate, login, logout 7 7 from django.contrib.auth import authenticate, login, logout
from django.contrib.auth.tokens import default_token_generator 8 8 from django.contrib.auth.tokens import default_token_generator
from rest_framework.status import HTTP_204_NO_CONTENT, HTTP_401_UNAUTHORIZED, HTTP_201_CREATED 9 9 from rest_framework.status import HTTP_204_NO_CONTENT, HTTP_401_UNAUTHORIZED, HTTP_201_CREATED
from rest_framework.views import APIView 10 10 from rest_framework.views import APIView
from rest_framework.response import Response 11 11 from rest_framework.response import Response
from rest_framework.exceptions import AuthenticationFailed, NotAuthenticated, ValidationError 12 12 from rest_framework.exceptions import AuthenticationFailed, NotAuthenticated, ValidationError
13 13
14 14
class SectionViewSet(ReadOnlyModelViewSet): 15 15 class SectionViewSet(ReadOnlyModelViewSet):
queryset = Section.objects.all() 16 16 queryset = Section.objects.all()
serializer_class = SectionSerializer 17 17 serializer_class = SectionSerializer
pagination_class = StandardResultsSetPagination 18 18 pagination_class = StandardResultsSetPagination
19 19
20 20
class UserDetail(APIView): 21 21 class UserDetail(APIView):
def patch(self, request, format=None): 22 22 def patch(self, request, format=None):
""" 23 23 """
Updates the user's password, or verifies their email address 24 24 Updates the user's password, or verifies their email address
--- 25 25 ---
request_serializer: UserUpdateSerializer 26 26 request_serializer: UserUpdateSerializer
response_serializer: UserSerializer 27 27 response_serializer: UserSerializer
""" 28 28 """
data = UserUpdateSerializer(data=request.data, context={'user': request.user}) 29 29 data = UserUpdateSerializer(data=request.data, context={'user': request.user})
data.is_valid(raise_exception=True) 30 30 data.is_valid(raise_exception=True)
31 31
if 'new_password' in data: 32 32 if 'new_password' in data:
if not request.user.check_password(data['old_password']): 33 33 if not request.user.check_password(data['old_password']):
raise ValidationError('old_password is incorrect') 34 34 raise ValidationError('old_password is incorrect')
request.user.set_password(request.data['new_password']) 35 35 request.user.set_password(request.data['new_password'])
request.user.save() 36 36 request.user.save()
37 37
if 'confirmation_key' in data and not request.user.confirm_email(data['confirmation_key']): 38 38 if 'confirmation_key' in data and not request.user.confirm_email(data['confirmation_key']):
raise ValidationError('confirmation_key is invalid') 39 39 raise ValidationError('confirmation_key is invalid')
40 40
return Response(UserSerializer(request.user).data) 41 41 return Response(UserSerializer(request.user).data)
42 42
def get(self, request, format=None): 43 43 def get(self, request, format=None):
""" 44 44 """
Return data about the user 45 45 Return data about the user
--- 46 46 ---
response_serializer: UserSerializer 47 47 response_serializer: UserSerializer
""" 48 48 """
if not request.user.is_active: return Response(status=HTTP_401_UNAUTHORIZED) 49 49 if not request.user.is_active: return Response(status=HTTP_401_UNAUTHORIZED)
serializer = UserSerializer(request.user) 50 50 serializer = UserSerializer(request.user)
return Response(serializer.data) 51 51 return Response(serializer.data)
52 52
def post(self, request, format=None): 53 53 def post(self, request, format=None):
""" 54 54 """
Register a new user 55 55 Register a new user
--- 56 56 ---
request_serializer: EmailPasswordSerializer 57 57 request_serializer: EmailPasswordSerializer
response_serializer: UserSerializer 58 58 response_serializer: UserSerializer
""" 59 59 """
data = RegistrationSerializer(data=request.data) 60 60 data = RegistrationSerializer(data=request.data)
data.is_valid(raise_exception=True) 61 61 data.is_valid(raise_exception=True)
62 62
User.objects.create_user(**data.validated_data) 63 63 User.objects.create_user(**data.validated_data)
user = authenticate(**data.validated_data) 64 64 user = authenticate(**data.validated_data)
login(request, user) 65 65 login(request, user)
66 66
body = ''' 67 67 body = '''
Visit the following link to confirm your email address: 68 68 Visit the following link to confirm your email address:
http://flashy.cards/app/verify_email/%s 69 69 https://flashy.cards/app/verify_email/%s
70 70
If you did not register for Flashy, no action is required. 71 71 If you did not register for Flashy, no action is required.
''' 72 72 '''
73 73
assert send_mail("Flashy email verification", 74 74 assert send_mail("Flashy email verification",
body % user.confirmation_key, 75 75 body % user.confirmation_key,
"noreply@flashy.cards", 76 76 "noreply@flashy.cards",
[user.email]) 77 77 [user.email])
78 78
return Response(UserSerializer(request.user).data, status=HTTP_201_CREATED) 79 79 return Response(UserSerializer(request.user).data, status=HTTP_201_CREATED)
80 80
def delete(self, request): 81 81 def delete(self, request):
""" 82 82 """
Irrevocably delete the user and their data 83 83 Irrevocably delete the user and their data
84 84
Yes, really 85 85 Yes, really
""" 86 86 """
request.user.delete() 87 87 request.user.delete()
return Response(status=HTTP_204_NO_CONTENT) 88 88 return Response(status=HTTP_204_NO_CONTENT)
89 89
90 90
class UserLogin(APIView): 91 91 class UserLogin(APIView):
def post(self, request): 92 92 def post(self, request):
""" 93 93 """
Authenticates user and returns user data if valid. 94 94 Authenticates user and returns user data if valid.
--- 95 95 ---
request_serializer: EmailPasswordSerializer 96 96 request_serializer: EmailPasswordSerializer
response_serializer: UserSerializer 97 97 response_serializer: UserSerializer
""" 98 98 """
99 99
data = EmailPasswordSerializer(data=request.data) 100 100 data = EmailPasswordSerializer(data=request.data)
data.is_valid(raise_exception=True) 101 101 data.is_valid(raise_exception=True)
user = authenticate(**data.validated_data) 102 102 user = authenticate(**data.validated_data)
103 103
if user is None: 104 104 if user is None:
raise AuthenticationFailed('Invalid email or password') 105 105 raise AuthenticationFailed('Invalid email or password')
if not user.is_active: 106 106 if not user.is_active:
raise NotAuthenticated('Account is disabled') 107 107 raise NotAuthenticated('Account is disabled')
login(request, user) 108 108 login(request, user)
return Response(UserSerializer(request.user).data) 109 109 return Response(UserSerializer(request.user).data)
110 110
111 111
class UserLogout(APIView): 112 112 class UserLogout(APIView):
def post(self, request, format=None): 113 113 def post(self, request, format=None):
""" 114 114 """
Logs the authenticated user out. 115 115 Logs the authenticated user out.
""" 116 116 """
logout(request) 117 117 logout(request)
return Response(status=HTTP_204_NO_CONTENT) 118 118 return Response(status=HTTP_204_NO_CONTENT)
119 119
120 120
class PasswordReset(APIView): 121 121 class PasswordReset(APIView):
""" 122 122 """
Allows user to reset their password. 123 123 Allows user to reset their password.
""" 124 124 """
125 125
def post(self, request, format=None): 126 126 def post(self, request, format=None):
""" 127 127 """
Send a password reset token/link to the provided email. 128 128 Send a password reset token/link to the provided email.
--- 129 129 ---
request_serializer: PasswordResetRequestSerializer 130 130 request_serializer: PasswordResetRequestSerializer
""" 131 131 """
data = PasswordResetRequestSerializer(data=request.data) 132 132 data = PasswordResetRequestSerializer(data=request.data)
data.is_valid(raise_exception=True) 133 133 data.is_valid(raise_exception=True)
user = User.objects.get(email=data['email'].value) 134 134 user = User.objects.get(email=data['email'].value)
token = default_token_generator.make_token(user) 135 135 token = default_token_generator.make_token(user)
136 136
body = ''' 137 137 body = '''
Visit the following link to reset your password: 138 138 Visit the following link to reset your password: